# DN42-HRTK

The DN42 Haskell Registry Toolkit (dn42-hrtk) is a command line tool,
which currently has the following capabilities:

- Parse files located in the `data/dns`, `data/route` and
  `data/route6` directories of the registry.
- Parse the filter lists stored in `data/filter.txt` and
  `data/filter6.txt`.
- Use that information to generate ROA config for Bird, and a zone
  file for the DN42 root zone.

Note that dn42-hrtk is currently in early development, so do not
(yet!) expect reasonable commit messages, or decent code, the latter
also due to the fact I'm still a Haskell beginner.

Example invocations (if you want to run without installing, substitute
"cabal run --" for "dn42-hrtk"):

    % dn42-hrtk --help
    Help Options:
      -h, --help
        Show option summary.
      --help-all
        Show all help options.

    Application Options:
      --bird-roa4 :: maybe<text>
        File to write BIRD IPv4 ROA rules to.
      --bird-roa6 :: maybe<text>
        File to write BIRD IPv6 ROA rules to.
      --zone :: repeated<file[,domain,ns,admin]>
        Zone file to write out.
      --route-filter :: repeated<text>
      Filter to apply to exported routes.
    % dn42-hrtk --bird-roa4=roa4.conf --route-filter=registry/data/filter.txt \
                --zone=dn42.zone \
                --zone=freifunk.zone,freifunk,ns.freifunk,admin.freifunk \
                --rzone=dn42.rev.zone,172.22.0.0/16,nic.dn42,admin.nic.dn42 \
                --rzone=dn42.rev6.zone,fd00::/8,nic.dn42,admin.nic.dn42 \
                registry/data
    Loaded 560 routes, 324 domains (reverse 1072) from registry, 24 filter rules active.
    ROA denied: (88.198.76.200/29,64657)
    ROA denied: (78.46.228.160/28,64657)
    ROA denied: (217.115.14.32/28,64657)
    ROA denied: (172.24.1.0/24,4242423999)
    ROA denied: (127.20.47.96/27,4242423980)
    ROA denied: (127.20.47.64/27,4242423980)
    Wrote roa4.conf: 395 of 401 ROAs included
    Wrote dn42.zone: 237 of 324 domains included
    Wrote freifunk.zone: 8 of 324 domains included
    Wrote dn42.rev.zone: 233 of 1072 domains included
    Wrote dn42.rev6.zone: 190 of 1072 domains included
    %

Assuming a copy of the registry in `registry`, the above command will
write a Bird IPv4 ROA config snippet to `roa4.conf` in the current
directory. The dn42 zone will be written to `dn42.zone`, while a
(bogus) freifunk zone will be written to `freifunk.zone`, with
nameserver `ns.freifunk` and admin `admin.freifunk`. For dn42, reverse
IPv4 and IPv6 zones will also be generated.

Note that the filter list is applied to the generated ROA entries --
this should eventually allow leaving out the filter list entirely from
the router daemon's config.
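
As an added illustration (not dn42-hrtk's own code, which is Haskell), the following Python sketch shows one way a filter list can gate ROA generation so that anything not explicitly permitted is left out. The `nr action prefix minlen maxlen` rule layout, the first-match semantics, the use of the rule's maxlen as the ROA `max`, and all sample rules and the first three routes are assumptions made for this example.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    nr: int
    permit: bool
    net: object      # ipaddress.IPv4Network or IPv6Network
    minlen: int
    maxlen: int

# Constructed rules in the assumed layout: nr action prefix minlen maxlen
SAMPLE_FILTER = """\
1 deny   172.22.0.0/27 28 32   # constructed
2 permit 172.20.0.0/14 21 29
3 permit 10.0.0.0/8    12 28
"""
# (prefix, ASN) pairs: the first three are constructed, the last two are
# copied from the sample output above and match none of the rules here.
SAMPLE_ROUTES = [("172.22.0.0/24", 64512), ("172.22.0.16/28", 64512),
                 ("172.20.0.0/30", 64513), ("172.24.1.0/24", 4242423999),
                 ("127.20.47.96/27", 4242423980)]

def parse_filter(text):
    """Parse rules; a malformed line raises instead of being skipped."""
    rules = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        if len(fields) != 5 or fields[1] not in ("permit", "deny"):
            raise ValueError(f"malformed filter rule: {line!r}")
        nr, action, prefix, lo, hi = fields
        rules.append(Rule(int(nr), action == "permit",
                          ipaddress.ip_network(prefix), int(lo), int(hi)))
    return sorted(rules, key=lambda r: r.nr)

def match(rules, prefix):
    """Return the permitting rule, or None (deny is the default)."""
    net = ipaddress.ip_network(prefix)
    for rule in rules:
        if net.version == rule.net.version and net.subnet_of(rule.net):
            ok = rule.permit and rule.minlen <= net.prefixlen <= rule.maxlen
            return rule if ok else None   # first matching rule decides
    return None

def roa_lines(rules, routes):
    """Split routes into BIRD 1.x style ROA lines and a denied list."""
    out, denied = [], []
    for prefix, asn in routes:
        rule = match(rules, prefix)
        if rule is None:
            denied.append((prefix, asn))
        else:
            out.append(f"roa {prefix} max {rule.maxlen} as {asn};")
    return out, denied
```
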

## Building

dn42-hrtk is currently developed using GHC 7.10 on GNU/Linux running
on the amd64 architecture, but should work anywhere GHC and cabal are
functional (no pun intended ;-)). However, compatibility with versions
of GHC older than 7.10 has not been tested. That said, the following
commands should give you a working dn42-hrtk executable:

    % git clone https://r0tty.org/git/haskell/dn42-hrtk/
    % cd dn42-hrtk
    % cabal build
    % cabal run -- --help
    Preprocessing executable 'dn42-hrtk' for dn42-hrtk-0.1.0.0...
    Running dn42-hrtk...
    Help Options:
      -h, --help
    ...

If the build process, or the resulting executable fails, I'd like to
know. Hopefully I can fix, help fix, or at least document such issues.

## Planned Features

These are definitely on the TODO list:

- Support for a config file in addition to the command line options.
- Keeping a cache of the last output, and only regenerate output files
  on changes.
- Verbosity control, e.g. a `--quiet` flag.
- Support for Quagga's ROA format.
- `subnettr.py` features not yet implemented:
  - Insert metadata into generated zones (TXT records), including
    monotone revision.
  - More tidy zone files, including useful comments.
- Support for "update actions", i.e. run a command to reload your
  router daemon or nameserver when the corresponding files changed.
- Generic zone support: use dn42-hrtk to generate your "ordinary" DNS
  zones from a DN42-style registry.
- Support for RFC 2317 "Classless IN-ADDR.ARPA delegation".  This
  would make the generated IPv4 reverse zone files quite a bit
  shorter.
- "Common suffix detection" -- insert `$ORIGIN` lines into the
  generated zone files to reduce the length of the entries.

Once one has the DN42 registry at one's fingertips, the urge can be
felt to do something silly (and maybe useful) with that data, or at
least so it seems to me ;-). Here are some ideas of what might be
worthwhile:

- A whois daemon; probably little code to add, and a nice gimmick.
- Likewise, a service like
  <https://dn42.net/services/Whois#dns-interface>. One could even
  extend this idea further, and provide more than just AS numbers over
  DNS: "whois-over-DNS", to quote a friend of mine.
- A PowerDNS backend for the DN42 root zone; since the ROA generation
  would have to be triggered on each registry update anyway, one could
  keep that information in RAM and serve it to PowerDNS.